End-of-Shift report
Timeframe: Montag 18-04-2016 18:00 − Dienstag 19-04-2016 18:00
Handler: Alexander Riepl
Co-Handler: n/a
Touch ID: 90 Prozent der iPhone-Nutzer setzen jetzt auf Code-Sperre
Seit der Einführung des Fingerabdruckscanners hat sich laut Apple der Anteil der Nutzer verdoppelt, die ihr iPhone mit einem Gerätecode schützen und damit die Daten verschlüsseln.
http://heise.de/-3177095
JavaScript-toting spam emails: What should you know and how to avoid them?
We have recently observed that spam campaigns are now using JavaScript attachments aside from Office files. The purpose of the code is straightforward. It downloads and runs other malware. Some of the JavaScript downloaders ..
https://blogs.technet.microsoft.com/mmpc/2016/04/18/javascript-toting-spam-emails-what-should-you-know-and-how-to-avoid-them/
Google Alerts, Direct Webmaster Communication Get Bugs Fixed Quickly
Google determined that Safe Browsing warnings correlate with quicker remediation times, though not as quick as direct contact with webmasters who have registered with Google Search Console.
http://threatpost.com/google-alerts-direct-webmaster-communication-get-bugs-fixed-quickly/117491/
Magnitude EK Activity At Its Highest Via AdsTerra Malvertising
The Magnitude exploit kit is maximizing its leads via a large and uninterrupted malvertising campaign.Categories: ExploitsTags: adsterramagnitude EKmalvertisingterraclicks(Read more...)
https://blog.malwarebytes.org/threat-analysis/exploits-threat-analysis/2016/04/magnitude-ek-activity-at-its-highest-via-adsterra-malvertising/
iPrint Appliance 2.0 Patch 1
Abstract: Patch 1 for the iPrint Appliance 2.0 includes bug fixes.Document ID: 5240661Security Alert: YesDistribution Type: PublicEntitlement Required: NoFiles:iPrint-2.0.0.530.HP.zip (594.99 MB)Products:iPrint Appliance 2Superceded Patches:iPrint Appliance 2.0 FTF
https://download.novell.com/Download?buildid=W46YTfqEGiQ~
Symantec Messaging Gateway Multiple Security Issues
Revisions None Severity Severity (CVSS version 2 and CVSS Version 3) CVSS2 Base Score ..
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2016&suid=20160418_00
Python-Based PWOBot Targets European Organizations
We have discovered a malware family named 'PWOBot' that is fairly unique because it is written entirely in Python, and compiled via PyInstaller to generate a Microsoft Windows ..
http://researchcenter.paloaltonetworks.com/2016/04/unit42-python-based-pwobot-targets-european-organizations
Zahlen, bitte! Täglich 390.000 neue Schadprogramme
Momentan hat man das Gefühl, in jedem Mail-Anhang und hinter jedem Link versteckt sich irgendeine Malware. Antiviren-Hersteller und Test-Labore verstärken diesen Eindruck noch durch irrwitzig hohe Zahlen neuer Schadprogramme.
http://heise.de/-3177141
2015 über 550 Millionen Datensätze von Sicherheitslecks betroffen
Anzahl bekannt gewordener Zero-Day-Lücken mehr als verdoppelt – Entwickler werden schneller beim Ausmerzen
http://derstandard.at/2000035195204
How-To Disable Windows Script Host
Numerous spam campaigns are pushing various crypto-ransomware families (and backdoors) via .zip file attachments. And such .zip files typically contain a JScript (.js/.jse) file that, if clicked, will be run via Windows Script Host. Do yourself a favor and edit your Windows Registry ..
https://labsblog.f-secure.com/2016/04/19/how-to-disable-windows-script-host/
Exploit kit writers turn away from Java, go all-in on Adobe Flash
312% increase in Flash vulns over 2014, says study Exploit kit writers are no longer fussed about Java vulnerabilities, focusing their attention almost entirely on Adobe Flash.
www.theregister.co.uk/2016/04/19/exploit_kit_writers_love_flash/
Homeland Security: Open Source dient der inneren Sicherheit
Die Offenlegung von Code habe Vorteile bei der "Cybersicherheit" und werde helfen, die Nation vor Gefahren zu schützen, meint der Technikchef der zuständigen US-Behörde. Außerdem könnten Bürger die Behörde dank Open Source besser überwachen, glauben Entwickler.
http://www.golem.de/news/homeland-security-open-source-dient-der-inneren-sicherheit-1604-120418.html
Tools
A number of security vulnerabilities have been identified in Citrix XenServer. The following vulnerabilities have been addressed: ...
http://support.citrix.com/article/CTX209443
Perfides PayPal-Phishing mit angeblicher Eventim-Rechnung
Eine überdurchschnittlich gut gemachte Phishing-Mail soll PayPal-Kunden in die Datenfalle locken. Die Absender haben sogar beim Header getrickst.
http://heise.de/-3177745